[tor-relays] Blocking Domains

teor teor2345 at gmail.com
Tue Nov 1 15:10:16 UTC 2016 

> On 2 Nov. 2016, at 02:01, Tristan <supersluether at gmail.com> wrote:
> 
> So what mask would I use then? I've been trying to wrap my head around it, but I just don't understand what /24 means, or how it's different from /27 or any other number.

You have a list in IP-IP (IP range) format, and you want to convert it into
IP/Mask (CIDR) format. Here is a tool that will do that:
http://ipaddressguide.com/cidr

If you want to learn more, or check the tool's work:
https://en.wikipedia.org/wiki/CIDR_notation

> On 2 Nov. 2016, at 02:06, Tristan <supersluether at gmail.com> wrote:
> 
> Wow this is confusing. If I'm understanding this correctly, 0.0.0.0/24 would mean any address from 0.0.0.0 to 0.0.0.255, correct?

Yes.

Imagine each of the numbers in an IPv4 address is a byte.
Put them together, you have 32 bits.
Count each bit starting from 1, and when you reach the mask number,
the IP range is all the possible combinations of all the remaining bits.

Tim

> On Nov 1, 2016 9:58 AM, "teor" <teor2345 at gmail.com> wrote:
> 
> > On 2 Nov. 2016, at 01:54, SuperSluether <supersluether at gmail.com> wrote:
> >
> > So, I tried putting the IPs into my exit policy like this:
> >
> > xx.xx.xx.xx-xx.xx.xx:*
> >
> > But Tor doesn't like that syntax. What's the correct way to block address ranges in the exit policy?
> 
> The man page is your friend:
> 
>        ExitPolicy policy,policy,...
>            Set an exit policy for this server. Each policy is of the form
>            "accept[6]|reject[6]ADDR[/MASK][:PORT]". If /MASK is omitted then
>            this policy just applies to the host given.
> 
>            PORT can be a single port number, an
>            interval of ports "FROM_PORT-TO_PORT", or "*". If PORT is omitted,
>            that means "*".
> 
> --
> >
> > On 11/01/2016 07:32 AM, Ralph Seichter wrote:
> >> On 01.11.2016 12:56, hwertiout695 wrote:
> >>
> >>> https://whois.arin.net/rest/org/PANEL-2/nets [...]
> >> This appears to be the most comprehensive list of assigned networks
> >> I have seen so far for panelboxmanager.com; thank you.
> >>
> >> -Ralph
> >> _______________________________________________
> >> tor-relays mailing list
> >> tor-relays at lists.torproject.org
> >> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
> >
> > _______________________________________________
> > tor-relays mailing list
> > tor-relays at lists.torproject.org
> > https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
> 
> T
> 
> --
> Tim Wilson-Brown (teor)
> 
> teor2345 at gmail dot com
> PGP C855 6CED 5D90 A0C5 29F6 4D43 450C BA7F 968F 094B
> ricochet:ekmygaiu4rzgsk6n
> xmpp: teor at torproject dot org
> ------------------------------------------------------------------------------
> 
> 
> 
> _______________________________________________
> tor-relays mailing list
> tor-relays at lists.torproject.org
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
> _______________________________________________
> tor-relays mailing list
> tor-relays at lists.torproject.org
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

T

-- 
Tim Wilson-Brown (teor)

teor2345 at gmail dot com
PGP C855 6CED 5D90 A0C5 29F6 4D43 450C BA7F 968F 094B
ricochet:ekmygaiu4rzgsk6n
xmpp: teor at torproject dot org
------------------------------------------------------------------------------

More information about the tor-relays mailing list